Hackers hit Winter Olympics networks with denial of service attack

A cyberattack paralyzed internet networks at the opening ceremony of the Pyeongchang Winter Olympics in what appeared to be a bid to embarrass the organizers.

Hacking caused both LAN and WiFi communications to fail during the opening ceremony on Feb. 9 and prevented tickets from being printed from the Olympics website, according to Yu Chae-yeon, a spokeswoman for the Pyeongchang Winter Games. The systems were restored at around 8 a.m. the following day and organizers are investigating who was behind the attack, she said.

The incident underscores the threat of hacking even as South Korea organized a team of experts well before the event started. Due to the ad hoc nature of cyber operations at the Olympics, the event is more vulnerable to hackers who exploit the lack of security discipline among personnel brought together from different organizations, said Hwang Jun-won, a professor of cyber security at South Korea’s Hoseo Technical College.

“Anything that is run temporarily carries risks because not everyone is working hand in glove,” Hwang said. “This hurts the public credibility of the Pyeongchang Olympics given how important networks are in running such a massive event.”

Hwang wouldn’t point to any suspect without analyzing the code first. But he wouldn’t rule out the involvement of players from North Korea and Russia. Even though this year’s Winter Olympics drew a high-level delegation from North Korea, it has been blamed in past attacks in South Korea and has a history of making provocations while offering an olive branch, he said. Russia was banned over a doping scandal with some athletes from the country competing as individuals.

Calls to the chief technical engineer at Pyeongchang for comment went unanswered.

The hackers knew usernames, server names and passwords used for the Olympic Games infrastructure, Cisco’s Talos threat intelligence division wrote on its blog, saying it identified 44 individual accounts in the code. Samples of the “Olympic Destroyer” indicate the hackers did not try to steal information. Rather, analysis shows they performed only “destructive” functions.

“The samples identified, however, are not from adversaries looking for information from the games but instead they are aimed to disrupt the games,” it said on the blog. “It leaves us confident in thinking that the actors behind this were after embarrassment of the Olympic committee during the opening ceremony.”